A UK view on Cyber, Information & IT Security by Security Expert Dave Whitelegg. Providing advice and explaining security for everyone, and also contemplating advanced themes and future trends in security.
With a focus on all the latest developments & issues within the UK Information Security space such as Hacking, DDoS, Botnets, Malware, Identity Theft, Data Protection (DPA) and regulatory compliance like PCI DSS & ISO27001:2013, all will be explained in an easy to understand way.

Tuesday, 18 March 2008

It’s just bad, Phorm

Internet privacy controversy in the air at the moment, as adverting company Phorm are engaged on a PR campaign to gain acceptance of their new method of Internet advising, which they plan to roll out at the ISP level with BT, Virgin Media and TalkTalk. In fact today I will be speaking on BBC Radio Coventry and Warwickshire about this very subject.

Who are Phorm? Well they are an “adware” company formally know as 121Media. They were responsible for the “PeopleOnPage” desktop adware application, which gathered information about the host PC and recorded which web sites were visited by the user, before passing this information on to a third party server, in order to direct specific pop-up advertisements. In fact security company F-Secure regarded their app as Spyware, whether it is labeled officially as Adware or Spyware does really matter to me, as I believe such software is an unnecessary nuisance and any company behind duping users into installing it on their PCs should be viewed with utter scorn.

Enough of the history of Phorm and back to the present, although what Phorm are proposing is really the same sort of thing as their “PeopleOnPage” adware, but at an ISP level. Everything you do on the Internet passes through your ISP, website visits, Email and even the search text you submit on search engines. The Phorm plan to collect all individual http traffic within the ISP, including those search engine searches, profile the information based on keywords, then use the profile to direct specific web adverts within websites signed up to Phorm adverting. So let’s say I search for “fast cars” and visited several car based websites, the Phorm software running at the ISP would recognize me, or I should say technically my computer via a Phorm cookie, as being interested in “cars” and direct car advertising within any websites I browsed which used the Phorm advertising.
What could be interesting if lets say I were to let my misses browse the Internet on my shared PC account, when I came to use it I’d probably get bombarded with adverts for shoes and handbags!
Why are Phorm and ISPs eager to get this advertising introduced? The answer is clearly money, Phorm can charge higher for click through rates on their adverts because of higher chance that someone will click through and buy the end product, and the ISPs are interested as they will also take a cut of the cash, unlike traditional internet advertising, which have made millions for web site provides, like Google and MySpace.

So the big controversy is this, this is occurring within the ISP, and specifically whether our ISPs should be exploiting our “private” Internet usage for profit. Some consider this practice a direct violation of our privacy rights. While Phorm and the ISPs signing up say users will be able to opt out, but they don’t say whether everyone will be opted out or in automatically by default, I strongly suspect everyone will be opted in as a matter of course, here’s why. If you were to ask the users to opt in with this form advertising, I’m pretty sure just about everyone would say no thank you! Which for me answers the question to whether this is a good idea or not, in fact I’ve seen one Virgin forum (cableforum.co.uk) poll that stated 95% of users would want to opt out. I’ve also heard that if Phorm don’t have millions of users signing up, the whole system would not be viable, so we can be pretty sure everyone will be signed up by default.

It’s worth reminding that search engines track what we search for, just about all web sites track our visits, through cookies and even by our IP address and what we do on the website. Websites like Amazon use profiling within the scope of their website to direct items of interest to us. And most of us use supermarket club cards and Store Cards, which also track our shopping habits. But for me there is a clear difference, all of these are in the form of an “in house” profiling, rather than tracking everything we might do on the open Internet. I think this form of advertising is a step too far, and at the end of the day we pay for an ISP provided service, our searches and website visits is information created by us and ISPs should not be exploiting this information for extra profit by helping to direct advertising at us. The only way I see the Phorm proposal to be an acceptable practice, would be if an ISP were to offer free ADSL in conjunction with the Phorm ISP advertisement profiling.
Finally I have to ask whether this form of advertising is really needed anyway, what’s wrong with sticking advertisements for Cars, on Car themed websites and the latest Computer Game advertised on Gaming websites, do we really need to profile people’s internet usage in order to target the advertising at them?

Support Bloggers Rights

About Me

ShareThis

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.

All original content copyright David Whitelegg 2007-2016. You may not use any original content with. Awesome Inc. theme. Powered by Blogger.